© all rights reserved. no copies may be made without the express written consent of affiliated...
TRANSCRIPT
© All rights reserved. No copies may be made without the express written consent of Affiliated Monitors, Inc.
www.affiliatedmonitors.comEric R. FeldmanSenior Vice President and Managing DirectorCorporate Ethics and Compliance Programs Affiliated Monitors, Inc.
“IT’S NOT JUST TONE AT THE TOP”:HOW COMPANIES CAN BUILD A
CORPORATE ETHICAL CULTURE AND PREVENT FRAUD
ACFE SAN FRANCISCOSEPTEMBER 11, 2015
1
© All rights reserved. No copies may be made without the express written consent of Affiliated Monitors, Inc.
BACKGROUNDRetired from CIA in April 2011 with 32 years of federal service Government Accountability Office Department of Defense CIA/National Reconnaissance Office IG Senior Advisor for Procurement Integrity
2
Different perspectives on business ethics: senior agency official, law enforcement, corporate
consultant, independent monitor
© All rights reserved. No copies may be made without the express written consent of Affiliated Monitors, Inc.
WHAT IS BUSINESS ETHICS?
3
© All rights reserved. No copies may be made without the express written consent of Affiliated Monitors, Inc.
A system of proper conduct principles in the workplacethat applies society’s ethical norms to business dealings
determined by:
4
Code of Conduct
Code of Ethics
Policies and Procedures
© All rights reserved. No copies may be made without the express written consent of Affiliated Monitors, Inc. 5
ETHICS
COMPLIANCE
VS
© All rights reserved. No copies may be made without the express written consent of Affiliated Monitors, Inc.
ETHICS
6
Largely rule-based “SOX” Code of Conduct 2008 Economic Meltdown
© All rights reserved. No copies may be made without the express written consent of Affiliated Monitors, Inc.
ETHICS VS. COMPLIANCE
“Some companies have given up entirely on trying to figure out what’s ethical and are instead using what’s legal as their standard for decision-making…the result is moral bankruptcy.” –Kevin Rollins, president Dell Computer Corporation
7
© All rights reserved. No copies may be made without the express written consent of Affiliated Monitors, Inc.
COMPLIANCE
8
Ruling Philosophies: “As long as it’s legal, it’s ethical.” “As long as it’s not illegal, it’s okay.”
“If you can’t look yourself in the mirror for something you’re about to do, don’t do it.”
-Peter Drucker
© All rights reserved. No copies may be made without the express written consent of Affiliated Monitors, Inc.
CULTURE OF COMPLIANCE“Our rules alone won’t be enough. Our rules never have been enough, are not enough today, and never will be enough. What’s really needed is a change of mindset—one that fosters not only a ‘culture of compliance’ but also a company-wide environment that fosters ethical behavior and decision-making.”
–William Donaldson Former chair, SEC
9
© All rights reserved. No copies may be made without the express written consent of Affiliated Monitors, Inc.
WHAT IS ETHICAL CULTURE?
10
© All rights reserved. No copies may be made without the express written consent of Affiliated Monitors, Inc.
It’s how things are “really done around here.”
11
© All rights reserved. No copies may be made without the express written consent of Affiliated Monitors, Inc.
WHAT IS ETHICAL CULTURE? Donaldson says it is instilling “a company-wide commitment
to do the right thing this time, and every time.” Ethical behavior must become “the core of the company’s
essential DNA,” shared by every employee. A firm’s leaders must have the courage and commitment to
question whether a practice is truly ethical or truly in the best interest of clients and customers.
Donaldson: “Customers must always come before the balance sheet and not the other way around.”
12
© All rights reserved. No copies may be made without the express written consent of Affiliated Monitors, Inc.
IMPACT OF CULTURE ON MISCONDUCT
.
13
2013 National Business Ethics Survey of the U.S. Workforce, p. 18. ©2014 Ethics Resources Center. www.ethics.org/nbes
© All rights reserved. No copies may be made without the express written consent of Affiliated Monitors, Inc.
ETHICAL CULTURES REBOUNDING AFTER 2011 DIP
.
14
2013 National Business Ethics Survey of the U.S. Workforce, p. 17. ©2014 Ethics Resources Center. www.ethics.org/nbes
© All rights reserved. No copies may be made without the express written consent of Affiliated Monitors, Inc.
WHAT IS AN ETHICS AND COMPLIANCE PROGRAM?
Corporate code of conduct
Business ethics
Corporate compliance
Anti-fraud programs
Anti-corruption programs
Enterprise risk management
Corporate risk assessments
Fraud risk assessment
Process of assessing risks and vulnerabilities and the adequacy of controls in place to manage those risks.
15
© All rights reserved. No copies may be made without the express written consent of Affiliated Monitors, Inc.
FEDERAL SENTENCING GUIDELINES Goal: “Promote an organizational culture that
encourages ethical conduct and a commitment to compliance.”
Deter and punish corporate crime via sentencing. Reduce fraud and other misconduct through strong
ethics and compliance programs. Seven steps: “The Gold Standard.”
1616
© All rights reserved. No copies may be made without the express written consent of Affiliated Monitors, Inc.
FEDERAL SENTENCING GUIDELINES
1. Written Compliance Standards and Procedures Code of conduct Anti-fraud/corruption program Non-retaliation policy
2. Accountability and Oversight at the Top Board of directors CEO/leadership team
17
© All rights reserved. No copies may be made without the express written consent of Affiliated Monitors, Inc.
FEDERAL SENTENCING GUIDELINES3. Due Diligence in Selecting Staff
Ethics and compliance team Individuals with discretionary authority
4. Adequate Training and Communication Management expectations Training in relevant requirements
5. Robust Monitoring and Auditing Anonymous reporting mechanism Continual program assessment
18
© All rights reserved. No copies may be made without the express written consent of Affiliated Monitors, Inc.
FEDERAL SENTENCING GUIDELINES
6. Effective Incentives and Discipline Carrot and stick Alignment of ethics/integrity and financial objectives Incentives for good ethical decision-making Consistent enforcement actions
7. Prompt and Reasonable Response to Criminal Conduct
Full internal investigation Government notifications Internal remediation/self-improvement
19
© All rights reserved. No copies may be made without the express written consent of Affiliated Monitors, Inc.
BENEFITS OF THE SEVEN STEPS Sentencing reduction: 3–5 points Leniency in prosecution decisions
U.S. Attorney’s Manual re: charging factors Quicker and more favorable settlements
Avoid suspension or debarment Strengthen ethical culture Better manage fraud risk
20
© All rights reserved. No copies may be made without the express written consent of Affiliated Monitors, Inc.
“WE’RE ALREADY AN ETHICAL COMPANY” What is the culture like outside of the C Suite? Risk of bad actors Regulatory complexity Aggressive enforcement
DOJ SEC Suspension and debarment Health care
Foreign Corrupt Practices Act (FCPA) Global economy Enforcement Materiality
21
© All rights reserved. No copies may be made without the express written consent of Affiliated Monitors, Inc.
SENTENCING GUIDELINE UPDATES (THRU 2014)
Response to criminal conduct Reasonable steps to remedy harm Restitution Self-reporting Cooperation Modifications to program (outside advisors)
High-level misconduct “okay” CECO reporting relationships Self-detection Prompt reporting Ethics officials not involved
22
© All rights reserved. No copies may be made without the express written consent of Affiliated Monitors, Inc.
Sentencing of Organizations “These guidelines offer incentives to organizations to reduce and ultimately eliminate criminal conduct by providing a structural foundation from which an organization may self-police its own conduct through an effective compliance and ethics program. The prevention and detection of criminal conduct, as facilitated by an effective compliance and ethics program, will assist an organization in encouraging ethical conduct and in complying fully with all applicable laws.”
23From U.S. Sentencing Commission, 2014 Guidelines Manual, Chapter 8 - Introductory Commentary
© All rights reserved. No copies may be made without the express written consent of Affiliated Monitors, Inc.
Sentencing Guideline Updates (THRU 2014) Ethics and Compliance at High Level
“Specific individual(s) within the organization shall be delegated day-to-day operational responsibility for the compliance and ethics program. Individual(s) with operational responsibility shall report periodically to high-level personnel and, as appropriate, to the governing authority, or an appropriate subgroup of the governing authority, on the effectiveness of the compliance and ethics program. To carry out such operational responsibility, such individual(s) shall be given adequate resources, appropriate authority, and direct access to the governing authority or an appropriate subgroup of the governing authority.”
24From U.S. Sentencing Commission, 2014 Guidelines Manual, §8B2.1.(b)(2)(C)
© All rights reserved. No copies may be made without the express written consent of Affiliated Monitors, Inc.
Sentencing Guideline Updates (THRU 2014)“As Appropriate” = At Least Annually
“If the specific individual(s) assigned overall responsibility for the compliance and ethics program does not have day-to-day operational responsibility for the program, then the individual(s) with day-to-day operational responsibility for the program typically should, no less than annually, give the governing authority or an appropriate subgroup thereof information on the implementation and effectiveness of the compliance and ethics program.”
25From U.S. Sentencing Commission, 2014 Guidelines Manual, §8B2.1 Commentary: Application Note 3
© All rights reserved. No copies may be made without the express written consent of Affiliated Monitors, Inc.
Sentencing Guideline Updates (THRU 2014)Organizational Carrots
“The organization’s compliance and ethics program shall be promoted and enforced consistently throughout the organization through (A) appropriate incentives to perform in accordance with the compliance and ethics program; and (B) appropriate disciplinary measures for engaging in criminal conduct and for failing to take reasonable steps to prevent or detect criminal conduct.”
26
© All rights reserved. No copies may be made without the express written consent of Affiliated Monitors, Inc.
Sentencing Guideline Updates (THRU 2014)Evaluate Effectiveness
“The organization shall take reasonable steps—…to evaluate periodically the effectiveness of the organization's compliance and ethics program…”
27From U.S. Sentencing Commission, 2014 Guidelines Manual, §8B2.1(b)(5)
© All rights reserved. No copies may be made without the express written consent of Affiliated Monitors, Inc.
Sentencing Guideline Updates (THRU 2014)Offer Confidentiality
“The organization shall take reasonable steps—…to have and publicize a system, which may include mechanisms that allow for anonymity or confidentiality, whereby the organization’s employees and agents may report or seek guidance regarding potential or actual criminal conduct without fear of retaliation.”
28From U.S. Sentencing Commission, 2014 Guidelines Manual, §8B2.1(b)(5)
© All rights reserved. No copies may be made without the express written consent of Affiliated Monitors, Inc.
Sentencing Guideline Updates (THRU 2014)Responsibility for Third Parties
Large organizations—A large organization generally shall devote more formal operations and greater resources in meeting the requirements of this guideline than shall a small organization. As appropriate, a large organization should encourage small organizations (especially those that have, or seek to have, a business relationship with the large organization) to implement effective compliance and ethics programs.
29From U.S. Sentencing Commission, 2014 Guidelines Manual, §8B2.1 Commentary: Application Note 2(C)(ii)
© All rights reserved. No copies may be made without the express written consent of Affiliated Monitors, Inc.
ETHICAL CULTURE DRIVES COMPLIANCE RISK
May 2014 RAND Symposium-Transforming Compliance Compliance without ethics doesn’t work. Period. Ethical norms shape the compliance risk. Tone at the top is a prerequisite for ethical culture. Boards need to be engaged; CECOs need to be empowered. Effective compliance reflects transparency/confidentiality
balance.
2013 NBES• Ethics culture drives employee conduct.• In the weakest cultures, 82% of misdeeds happened repeatedly.
30
© All rights reserved. No copies may be made without the express written consent of Affiliated Monitors, Inc.
“The Culture of any organization is shaped by the worst behavior the
leader is willing to tolerate”
- Gruenter and Whitaker
31
© All rights reserved. No copies may be made without the express written consent of Affiliated Monitors, Inc.
TEN QUESTIONS TO ASK WHEN TRYING TO STRENGTHEN A CORPORATE ETHICAL
CULTURE
1. What is the relationship between ethics and other performance metrics in the company? The leading factor in unethical behavior is pressure from management
or the board to meet unrealistic business objectives. Alignment of ethics and performance objectives is critical in
compensation, bonus, and promotion decisions.
2. Is our required ethics training more than a check-the-box exercise? Cascading training Scenario-based
32
© All rights reserved. No copies may be made without the express written consent of Affiliated Monitors, Inc.
TEN QUESTIONS TO ASK WHEN TRYING TO STRENGTHEN A CORPORATE ETHICAL
CULTURE
3. Have we exercised due diligence in our hiring, promotions, and mergers/acquisitions? Due diligence in hiring Promotion screening Performance assessment elements
4. Have we conducted a risk assessment to identify weaknesses? What is our potential Enron? Perverse incentives Unintended consequences of goals and expectations Do WE have a “paper program”?
33
© All rights reserved. No copies may be made without the express written consent of Affiliated Monitors, Inc.
TEN QUESTIONS TO ASK WHEN TRYING TO STRENGTHEN A CORPORATE ETHICAL
CULTURE
5. What is the tone at the top? Communicating the ethics message Proactive engagement CECO independence, authority, resources
6. What is the mood in the middle and the buzz at the bottom?
Immediate supervisors have greatest impact. Leadership skill represents a key asset/vulnerability. Leadership accountability or “executive protection program”?
34
© All rights reserved. No copies may be made without the express written consent of Affiliated Monitors, Inc.
Senior Level Managers Should Be Setting the Tone
35
© All rights reserved. No copies may be made without the express written consent of Affiliated Monitors, Inc.
Large Portion of Misconduct Committed by Managers
24%
19%
17%
36%
4%
Senior leaderMiddle ManagersFirst-line supervisors Non- management employeesOther
2013 National Business Ethics Survey :Business Ethics of the U.S. Workforce, Pg 20. Ethics Resource Center, http://www.ethics.org/nbes/
© All rights reserved. No copies may be made without the express written consent of Affiliated Monitors, Inc.
TEN QUESTIONS TO ASK WHEN TRYING TO STRENGTHEN A CORPORATE ETHICAL
CULTURE
7. Who is responsible for paying attention to the ethical culture? Senior leadership intentions don’t always reflect reality. How are ethics incorporated into day-to-day business decisions? Active ethics messaging is a must.
8. Is our Code of Conduct more than shelfware? Is it referenced beyond new-employee orientation? Is it customized to our business? Has it been updated?
37
© All rights reserved. No copies may be made without the express written consent of Affiliated Monitors, Inc.
TEN QUESTIONS TO ASK WHEN TRYING TO STRENGTHEN A CORPORATE ETHICAL
CULTURE
9. Are our employees familiar with and comfortable using reporting mechanisms? Is there a fear of retaliation? Is the Hotline or Helpline used regularly? Are reporting trends analyzed and used to strengthen the program?
10. Are we paying adequate attention to the ethical posture of third-parties? Third-party risks are high; due diligence is necessary. This is often the weakest area in ethics assessments.
38
© All rights reserved. No copies may be made without the express written consent of Affiliated Monitors, Inc.
“When everybody accepts personal responsibility to behave in ethical ways, you then hardly even have to think about it, because ethical behavior is your nature, not some artificial department… When leaders are open and exact in their observance of ethical codes, they inspire others to do the same.”
STEVEN COVEY: THE ETHICS OF TOTAL INTEGRITY
39
© All rights reserved. No copies may be made without the express written consent of Affiliated Monitors, Inc. 40
© All rights reserved. No copies may be made without the express written consent of Affiliated Monitors, Inc.
WHAT IT TAKES TO COMMIT FRAUD
41
© All rights reserved. No copies may be made without the express written consent of Affiliated Monitors, Inc.
FRAUD TRIANGLE AND ETHICAL CULTUREOpportunity Greatest when an employee perceives bad behavior is an accepted way
of doing business: culture Fear of retaliation prevents reportingRationalization Sense of entitlement high in cultures with low morale Perception of unfair treatment Incentives/rewards favoring ethically challenged and promote the wrong
behaviors Doing the “wrong” thing for the “right” reasonsPressure Unrealistic business objectives Ethics divorced from financial metrics
42
© All rights reserved. No copies may be made without the express written consent of Affiliated Monitors, Inc.
Organizational Stress Increases Misconduct
© All rights reserved. No copies may be made without the express written consent of Affiliated Monitors, Inc.
A. 10%B. 25%C. 50%D. 75%E. Depends on the circumstances
WHAT PERCENTAGE OF EMPLOYEES WOULD COMMIT FRAUD?
44
© All rights reserved. No copies may be made without the express written consent of Affiliated Monitors, Inc.
According to fraud experts: 10–20% of employees would never commit a fraud,
regardless of the situation.
60–80% of employees could become perpetrators if the situation was right.
10–20% of employees are basically dishonest and would steal if they got a chance.
THE 10-80-10 RULE
45
© All rights reserved. No copies may be made without the express written consent of Affiliated Monitors, Inc.
WHERE DO YOUR EMPLOYEES FALL?
10–20% 60–80% 10–20%
46
© All rights reserved. No copies may be made without the express written consent of Affiliated Monitors, Inc.
ETHICAL CULTURE AND FRAUD PREVENTION
Cost of fraud is staggering ACFE Report to the Nations: 5% loss Record False Claims Act 2014 settlements: $5 billion Record number of SEC/DOJ FCPA actions Record number of suspensions/debarments Loss of reputational capital
ROI of anti-fraud programs Duration and value of losses are reduced Reporting hotlines, training, code of conduct, and
reporting incentives all decrease fraud
47
© All rights reserved. No copies may be made without the express written consent of Affiliated Monitors, Inc.
THE ROI OF ANTI-FRAUD PROGRAMS
What is an anti-fraud program? Core values Code of conduct Independent CECO Ethics messaging Ethics training Rewards and incentives (aligned with values) Anonymous reporting hotline Investigative process Disciplinary process
48
© All rights reserved. No copies may be made without the express written consent of Affiliated Monitors, Inc.
THE ROI OF ANTI-FRAUD PROGRAMS
©2014 Association of Certified Fraud Examiners, Inc.
49
© All rights reserved. No copies may be made without the express written consent of Affiliated Monitors, Inc.
THE ROI OF ANTI-FRAUD PROGRAMS
©2014 Association of Certified Fraud Examiners, Inc.
50
© All rights reserved. No copies may be made without the express written consent of Affiliated Monitors, Inc.
Companies with Strong Ethics Culture Are Less Likely to Have Ongoing Misconduct
51
2013 National Business Ethics Survey :Business Ethics of the U.S. Workforce, P. 20. Ethics Resource Center, www.ethics.org/nbes
© All rights reserved. No copies may be made without the express written consent of Affiliated Monitors, Inc.
WHO’S WATCHING? Government Agency CustomersAgency Inspectors GeneralDefense Contract Audit Agency (DCAA)Federal Regulatory AgenciesDepartment of Justice
52
© All rights reserved. No copies may be made without the express written consent of Affiliated Monitors, Inc.
EXPANDED USE OF SUSPENSION AND DEBARMENT
Increased Government Scrutiny False Claims Procurement Integrity Act Violations FAR Violations Mandatory Disclosures Regulatory Violations Quality Control
Ethical culture is a key element considered in Suspension and Debarment Actions.
53
© All rights reserved. No copies may be made without the express written consent of Affiliated Monitors, Inc.
Ethical Culture Can Soften the Blow of Enforcement Actions
Morgan Stanley’s strong, well-documented compliance program and clear compliance directives from their managers protected the company from prosecution.
Johnson & Johnson avoided prosecution by abiding by a long list of Ethics and Compliance program requirements.
Fokker Services DPA was rejected by a court because it lacked a requirement of independent monitoring or regular reporting on the impact of its Ethics and Compliance program.